William Petit
7de166765b
All checks were successful
Cadoles/bouncer/pipeline/head This commit looks good
|
||
---|---|---|
.. | ||
kind | ||
kustomization | ||
README.md |
Kubernetes
Initialize your project
-
Generate the Docker configuration to enable image builds with Kaniko and communicate with reg.cadoles.com
docker login reg.cadoles.com mkdir -p misc/k8s/kustomization/base/secrets/dockerconfig docker --config misc/k8s/kustomization/base/secrets/dockerconfig login reg.cadoles.com mv misc/k8s/kustomization/base/secrets/dockerconfig/config.json misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson mkdir -p misc/k8s/kustomization/overlays/dev/secrets/dockerconfig cp misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson misc/k8s/kustomization/overlays/dev/secrets/dockerconfig/.dockerconfigjson
Getting started with Kind
-
Create your Kind cluster
kind create cluster --config misc/k8s/kind/bouncer-cluster.yaml
-
Deploy required operators
kubectl apply -k misc/k8s/kind/cluster --server-side
-
Deploy your Bouncer development environment
skaffold dev -p dev --cleanup=false --default-repo reg.cadoles.com/<YOUR_PERSONNAL_USER_NAME>
Testing
Bouncer will automatically create proxies based on the files present in the misc/k8s/kustomization/overlays/dev/files/bouncer/bootstrap.d
folder.
By default, with you host web browser, open http://localhost:9000, you should see the Cadoles website.
Using the admin API
From inside the cluster
-
Open shell in bouncer-admin pod
kubectl exec -it -n bouncer-dev bouncer-admin-<suffix> -- /bin/sh
-
Create an authentication token
bouncer --config /etc/bouncer/config.yml auth create-token --role writer --subject $(whoami) > .bouncer-token
-
Create a proxy and enable it
bouncer admin proxy query
From outside the cluster
-
Retrieve the authentication token from the generated secret
TOKEN=$(kubectl get secret -n bouncer-dev -o jsonpath="{.data.token}" bouncer-admin-writer-token | base64 -d)
-
Use the
bouncer
admin client to query the admin API./bouncer admin proxy query -t "${TOKEN}" --server http://127.0.0.1:9999
Benchmarking
You can use siege
to benchmark your instance with the Cadoles proxy.
BASE_URL=http://localhost:9000 make siege